//@ts-nocheck\r
'use strict'\r
\r
+import { Blake2b } from './blake2b.js'\r
+\r
// Ported in 2014 by Dmitry Chestnykh and Devi Mandiri.\r
// Public domain.\r
//\r
// See for details: https://docs.nano.org/integration-guides/the-basics/\r
// Original source commit: https://github.com/dchest/tweetnacl-js/blob/71df1d6a1d78236ca3e9f6c788786e21f5a651a6/nacl-fast.js\r
\r
-const NanoNaCl = () => {\r
+const n = () => {\r
/**\r
* Listens for messages from a calling function.\r
*/\r
addEventListener('message', (message) => {\r
const data = JSON.parse(new TextDecoder().decode(message.data ?? message))\r
- // for (const d of data) {\r
- for (let i = 0; i < data.length; i++) {\r
- if (i % 100 === 0) console.log(`${i} keys`)\r
- data[i].publicKey = hexify(keyPair(data[i].privateKey).publicKey)\r
+ for (const d of data) {\r
+ d.publicKey = hexify(keyPair(d.privateKey).publicKey)\r
}\r
const buf = new TextEncoder().encode(JSON.stringify(data)).buffer\r
postMessage(buf, [buf])\r
})\r
\r
var gf = function (init?: number[]) {\r
- var i, r = new Float64Array(16)\r
- if (init) for (i = 0; i < init.length; i++) r[i] = init[i]\r
+ const r = new Float64Array(16)\r
+ if (init) for (let i = 0; i < init.length; i++) r[i] = init[i]\r
return r\r
}\r
\r
}\r
\r
function A (o, a, b) {\r
- for (var i = 0; i < 16; i++) o[i] = a[i] + b[i]\r
+ for (let i = 0; i < 16; i++) o[i] = a[i] + b[i]\r
}\r
\r
function Z (o, a, b) {\r
- for (var i = 0; i < 16; i++) o[i] = a[i] - b[i]\r
+ for (let i = 0; i < 16; i++) o[i] = a[i] - b[i]\r
}\r
\r
function M (o, a, b) {\r
- var v, c,\r
+ let v, c,\r
t0 = 0, t1 = 0, t2 = 0, t3 = 0, t4 = 0, t5 = 0, t6 = 0, t7 = 0,\r
t8 = 0, t9 = 0, t10 = 0, t11 = 0, t12 = 0, t13 = 0, t14 = 0, t15 = 0,\r
t16 = 0, t17 = 0, t18 = 0, t19 = 0, t20 = 0, t21 = 0, t22 = 0, t23 = 0,\r
\r
// Note: difference from TweetNaCl - BLAKE2b used to hash instead of SHA-512.\r
function crypto_hash (out: Uint8Array, m: Uint8Array, n: number) {\r
+ const input = new Uint8Array(n)\r
+ for (let i = 0; i < n; ++i) input[i] = m[i]\r
const hash = new Blake2b(64).update(m).digest()\r
- for (let i = 0; i < 64; ++i) {\r
- out[i] = hash[i]\r
- }\r
+ for (let i = 0; i < 64; ++i) out[i] = hash[i]\r
return 0\r
}\r
\r
function add (p, q) {\r
- var a = gf(), b = gf(), c = gf(),\r
+ const a = gf(), b = gf(), c = gf(),\r
d = gf(), e = gf(), f = gf(),\r
g = gf(), h = gf(), t = gf()\r
\r
}\r
\r
function cswap (p, q, b) {\r
- var i\r
- for (i = 0; i < 4; i++) {\r
+ for (let i = 0; i < 4; i++) {\r
sel25519(p[i], q[i], b)\r
}\r
}\r
\r
function pack (r, p) {\r
- var tx = gf(), ty = gf(), zi = gf()\r
+ const tx = gf(), ty = gf(), zi = gf()\r
inv25519(zi, p[2])\r
M(tx, p[0], zi)\r
M(ty, p[1], zi)\r
}\r
\r
function scalarmult (p, q, s) {\r
- var b, i\r
set25519(p[0], gf0)\r
set25519(p[1], gf1)\r
set25519(p[2], gf1)\r
set25519(p[3], gf0)\r
- for (i = 255; i >= 0; --i) {\r
- b = (s[(i / 8) | 0] >> (i & 7)) & 1\r
+ for (let i = 255; i >= 0; --i) {\r
+ const b = (s[(i / 8) | 0] >> (i & 7)) & 1\r
cswap(p, q, b)\r
add(q, p)\r
add(p, p)\r
}\r
\r
function scalarbase (p, s) {\r
- var q = [gf(), gf(), gf(), gf()]\r
+ const q = [gf(), gf(), gf(), gf()]\r
set25519(q[0], X)\r
set25519(q[1], Y)\r
set25519(q[2], gf1)\r
scalarmult(p, q, s)\r
}\r
\r
- function crypto_sign_keypair (pk: Uint8Array, sk: Uint8Array) {\r
- var d = new Uint8Array(64)\r
- var p = [gf(), gf(), gf(), gf()]\r
- var i\r
-\r
- crypto_hash(d, sk, 32)\r
- d[0] &= 248\r
- d[31] &= 127\r
- d[31] |= 64\r
-\r
- scalarbase(p, d)\r
- pack(pk, p)\r
-\r
- for (i = 0; i < 32; i++) sk[i + 32] = pk[i]\r
- return 0\r
- }\r
-\r
- var L = new Float64Array([0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58, 0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0x10])\r
+ const L = new Float64Array([0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58, 0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0x10])\r
\r
function modL (r, x) {\r
- var carry, i, j, k\r
+ let carry, i, j, k\r
for (i = 63; i >= 32; --i) {\r
carry = 0\r
for (j = i - 32, k = i - 12; j < k; ++j) {\r
}\r
\r
function reduce (r) {\r
- var x = new Float64Array(64), i\r
+ let x = new Float64Array(64), i\r
for (i = 0; i < 64; i++) x[i] = r[i]\r
for (i = 0; i < 64; i++) r[i] = 0\r
modL(r, x)\r
\r
// Note: difference from C - smlen returned, not passed as argument.\r
function crypto_sign (sm: Uint8Array, m: Uint8Array, n: number, sk: Uint8Array) {\r
- var d = new Uint8Array(64), h = new Uint8Array(64), r = new Uint8Array(64)\r
- var i, j, x = new Float64Array(64)\r
- var p = [gf(), gf(), gf(), gf()]\r
+ const d = new Uint8Array(64), h = new Uint8Array(64), r = new Uint8Array(64)\r
+ const x = new Float64Array(64)\r
+ const p = [gf(), gf(), gf(), gf()]\r
\r
crypto_hash(d, sk, 32)\r
d[0] &= 248\r
d[31] &= 127\r
d[31] |= 64\r
\r
- var smlen = n + 64\r
- for (i = 0; i < n; i++) sm[64 + i] = m[i]\r
- for (i = 0; i < 32; i++) sm[32 + i] = d[32 + i]\r
+ const smlen = n + 64\r
+ for (let i = 0; i < n; i++) sm[64 + i] = m[i]\r
+ for (let i = 0; i < 32; i++) sm[32 + i] = d[32 + i]\r
\r
crypto_hash(r, sm.subarray(32), n + 32)\r
reduce(r)\r
scalarbase(p, r)\r
pack(sm, p)\r
\r
- for (i = 32; i < 64; i++) sm[i] = sk[i]\r
+ for (let i = 32; i < 64; i++) sm[i] = sk[i]\r
crypto_hash(h, sm, n + 64)\r
reduce(h)\r
\r
- for (i = 0; i < 64; i++) x[i] = 0\r
- for (i = 0; i < 32; i++) x[i] = r[i]\r
- for (i = 0; i < 32; i++) {\r
- for (j = 0; j < 32; j++) {\r
+ for (let i = 0; i < 64; i++) x[i] = 0\r
+ for (let i = 0; i < 32; i++) x[i] = r[i]\r
+ for (let i = 0; i < 32; i++) {\r
+ for (let j = 0; j < 32; j++) {\r
x[i + j] += h[i] * d[j]\r
}\r
}\r
}\r
\r
function unpackneg (r, p) {\r
- var t = gf(), chk = gf(), num = gf(),\r
+ const t = gf(), chk = gf(), num = gf(),\r
den = gf(), den2 = gf(), den4 = gf(),\r
den6 = gf()\r
\r
}\r
\r
function crypto_sign_open (m: Uint8Array, sm: Uint8Array, n: number, pk: Uint8Array) {\r
- var i\r
var t = new Uint8Array(32), h = new Uint8Array(64)\r
var p = [gf(), gf(), gf(), gf()],\r
q = [gf(), gf(), gf(), gf()]\r
\r
if (unpackneg(q, pk)) return -1\r
\r
- for (i = 0; i < n; i++) m[i] = sm[i]\r
- for (i = 0; i < 32; i++) m[i + 32] = pk[i]\r
+ for (let i = 0; i < n; i++) m[i] = sm[i]\r
+ for (let i = 0; i < 32; i++) m[i + 32] = pk[i]\r
crypto_hash(h, m, n)\r
reduce(h)\r
scalarmult(p, q, h)\r
\r
n -= 64\r
if (crypto_verify_32(sm, 0, t, 0)) {\r
- for (i = 0; i < n; i++) m[i] = 0\r
+ for (let i = 0; i < n; i++) m[i] = 0\r
return -1\r
}\r
\r
- for (i = 0; i < n; i++) m[i] = sm[i + 64]\r
+ for (let i = 0; i < n; i++) m[i] = sm[i + 64]\r
return n\r
}\r
\r
\r
function checkArrayTypes (...args: Uint8Array[]) {\r
for (var i = 0; i < args.length; i++) {\r
- if (!(args[i] instanceof Uint8Array)) {\r
- console.log(args[i])\r
+ if (!(args[i] instanceof Uint8Array))\r
throw new TypeError(`expected Uint8Array; received ${args[i].constructor?.name ?? typeof args[i]}`)\r
- }\r
}\r
}\r
\r
checkArrayTypes(seed)\r
if (seed.length !== crypto_sign_SEEDBYTES)\r
throw new Error('bad seed size')\r
- var pk = new Uint8Array(crypto_sign_PUBLICKEYBYTES)\r
- var sk = new Uint8Array(crypto_sign_SECRETKEYBYTES)\r
- for (var i = 0; i < 32; i++) sk[i] = seed[i]\r
- crypto_sign_keypair(pk, sk)\r
+ const pk = new Uint8Array(crypto_sign_PUBLICKEYBYTES)\r
+ const sk = new Uint8Array(crypto_sign_SECRETKEYBYTES)\r
+ for (let i = 0; i < 32; i++) sk[i] = seed[i]\r
+\r
+ const p = [gf(), gf(), gf(), gf()]\r
+\r
+ const hash = new Blake2b(64).update(sk).digest()\r
+ hash[0] &= 248\r
+ hash[31] &= 127\r
+ hash[31] |= 64\r
+\r
+ scalarbase(p, hash)\r
+ pack(pk, p)\r
+\r
+ for (let i = 0; i < 32; i++) sk[i + 32] = pk[i]\r
+\r
return { publicKey: pk, secretKey: sk }\r
}\r
\r
return { sign, open, detached, verify, keyPair }\r
}\r
\r
-export const nacl = NanoNaCl()\r
+export const NanoNaCl = n()\r
\r
-export default NanoNaCl.toString().substring(NanoNaCl.toString().indexOf('{') + 1, NanoNaCl.toString().lastIndexOf('return'))\r
+const start = n.toString().indexOf('{') + 1\r
+const end = n.toString().lastIndexOf('return')\r
+export const worker = n.toString().substring(start, end)\r
projects / libnemo.git / commitdiff